The first computers were only able to run a single program at a time. In modern times, however, computers are expected to be able to run several different pieces of software at once. For example, typical multi-tasking operating systems can run several application programs at once on a single machine. In view of this and the evolution of a shared, open network (i.e., the Internet), security and privacy have become two important and difficult issues facing the computer industry. As the personal computer grows more central to home, work, and school, consumers and business customers alike are increasingly aware of privacy and security issues. Improving the ability of software and hardware to protect the integrity of digital information and the privacy of computer users has become a critical focus for both software developers and hardware manufacturers. Microsoft Corporation, Redmond, Wash. has introduced the Next-Generation Secure Computing Base (NGSCB) personal computer platform which provides security and privacy in an operating system.
In the conventional NGSCB within a computer 110, as shown in FIG. 2, a “right-hand side” (RHS) security system works in conjunction with a traditional “left-hand side” (LHS) system and central processing unit (CPU). The RHS is designed to protect against malicious software while preserving the operating system's openness. With NGSCB, applications run in a protected memory space that is highly resistant to software tampering and interference. Typically, there is one chipset in the computer 110 that both the LHS and RHS use. The LHS and RHS are a logical, but physically enforced, division or partitioning of the computer 110.
The LHS comprises traditional applications 205, 210, such as Microsoft® Word® and Microsoft® Excel®, along with a conventional operating system 201, such as the Microsoft® Windows® operating system. Although two applications are shown, typically any number can be implemented.
The RHS comprises trusted agents 255, 260, along with a “nexus” 251. A nexus is a “high assurance” operating system that provides a certain level of assurance as to its behavior and can comprise all the kernel mode code on the RHS. For example, a nexus might be employed to work with secret information (e.g., cryptographic keys, etc.) that should not be divulged, by providing a curtained memory that is guaranteed not to leak information to the world outside of the nexus, and by permitting only certain certified applications to execute under the nexus and to access the curtained memory. The nexus 251 should not interact with the main operating system 201 in any way that would allow events happening at the main operating system 201 to compromise the behavior of the nexus 251. The nexus 251 may permit all applications to run or a machine owner may configure a machine policy in which the nexus 251 permits only certain agents to run. In other words, the nexus 251 will run any agent that the machine owner tells it to run. The machine owner may also tell the nexus what not to run.
The nexus 251 isolates trusted agents 255, 260, manages communications to and from trusted agents 255, 260, and cryptographically seals stored data (e.g., stored in a hard disk drive). More particularly, the nexus 251 executes in kernel mode in trusted space and provides basic services to trusted agents 255, 260, such as the establishment of the process mechanisms for communicating with trusted agents and other applications, and special trust services such as attestation of a hardware/software platform or execution environment and the sealing and unsealing of secrets. Attestation is the ability of a piece of code to digitally sign or otherwise attest to a piece of data and further assure the recipient that the data was constructed by an unforgeable, cryptographically identified software stack.
A trusted agent is a program, a part of a program, or a service that runs in user mode in trusted space. A trusted agent 255, 260 calls the nexus 251 for security-related services and critical general services, such as memory management. A trusted agent is able to store secrets using sealed storage and authenticates itself using the attestation services of the nexus. Each trusted agent or entity controls its own domain of trust, and they need not rely on each other.
The RHS further comprises a security support component (SSC) 253 that uses a public key infrastructure (PKI) key pair along with encryption functions to provide a secure state.
NGSCB provides features such as “attestation”, “sealed storage”, and “strong process isolation”. Attestation lets other computers know that a computer is really the computer it claims to be, and is running the software it claims to be running. Because NGSCB software and hardware are cryptographically verifiable to the user and to other computers, programs, and services, the system can verify that other computers and processes are trustworthy before engaging them or sharing information. Thus, attestation allows the user to reveal selected characteristics of the operating environment to external requestors.
Sealed storage allows the user to encrypt information so that it can only be accessed by a trustworthy application. This can include just the application that created the information in the first place, or any application that is trusted by the application that owns the data. Therefore, sealed storage allows a program to store secrets that cannot be retrieved by nontrusted programs, such as a virus or Trojan horse.
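The two nexus services just described, attestation and sealed storage, can be made concrete with a small model. The following Python is an added illustration written for this page, not code from the patent or from NGSCB itself. It assumes that a trusted agent's identity is the SHA-256 hash of its code image, that the nexus holds a single platform secret (standing in for the SSC's key pair, so the attestation "signature" below is an HMAC rather than a true public-key signature), and it uses a hash-based stream cipher with an HMAC tag in place of a real authenticated cipher so that it runs with the standard library only. A seal records a policy of agent identities allowed to unseal (the sealer plus any agents it trusts), and the nexus enforces that policy before returning the plaintext.

```python
import hashlib
import hmac
import os

# Constructed platform secret: in NGSCB this would live in the SSC. Fixed here
# so the example is deterministic and runs offline (assumption, not real data).
PLATFORM_SECRET = hashlib.sha256(b"demo-platform-secret").digest()


def code_identity(agent_image: bytes) -> str:
    """Identity of a trusted agent, modelled as the hash of its code image."""
    return hashlib.sha256(agent_image).hexdigest()


def _derive(label: bytes) -> bytes:
    """Derive a purpose-specific key from the platform secret."""
    return hmac.new(PLATFORM_SECRET, label, hashlib.sha256).digest()


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with SHA-256(key || nonce || counter) blocks."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        ks = hashlib.sha256(key + nonce + block_no.to_bytes(4, "big")).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)


def seal(sealer_id: str, allowed_ids, plaintext: bytes) -> bytes:
    """Seal data so only the sealer or agents it names can unseal it."""
    policy = ",".join(sorted(set(allowed_ids) | {sealer_id})).encode()
    nonce = os.urandom(16)
    ct = _keystream_xor(_derive(b"seal-enc"), nonce, plaintext)
    body = len(policy).to_bytes(2, "big") + policy + nonce + ct
    # Encrypt-then-MAC: the tag covers the policy, so it cannot be rewritten.
    tag = hmac.new(_derive(b"seal-mac"), body, hashlib.sha256).digest()
    return body + tag


def unseal(requester_id: str, blob: bytes) -> bytes:
    """Nexus-side unseal: verify integrity, then enforce the seal policy."""
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_derive(b"seal-mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("sealed blob tampered")
    plen = int.from_bytes(body[:2], "big")
    policy = body[2:2 + plen].decode().split(",")
    if requester_id not in policy:
        raise PermissionError("requester not in seal policy")
    nonce = body[2 + plen:2 + plen + 16]
    ct = body[2 + plen + 16:]
    return _keystream_xor(_derive(b"seal-enc"), nonce, ct)


def attest(agent_id: str, data: bytes, challenge: bytes) -> dict:
    """Produce a quote binding data to the agent identity and a fresh challenge."""
    statement = b"|".join([agent_id.encode(), data, challenge])
    sig = hmac.new(_derive(b"attest"), statement, hashlib.sha256).digest()
    return {"agent_id": agent_id, "data": data, "challenge": challenge, "sig": sig}


def verify_attestation(quote: dict, challenge: bytes, expected_agent_id: str) -> bool:
    """Verifier side: check the challenge, the claimed identity and the signature."""
    if quote["challenge"] != challenge or quote["agent_id"] != expected_agent_id:
        return False
    statement = b"|".join([quote["agent_id"], quote["data"], quote["challenge"]]
                          if False else [quote["agent_id"].encode(), quote["data"], quote["challenge"]])
    expected = hmac.new(_derive(b"attest"), statement, hashlib.sha256).digest()
    return hmac.compare_digest(expected, quote["sig"])


if __name__ == "__main__":
    agent_a = code_identity(b"agent-A image")   # constructed sample agent
    agent_b = code_identity(b"agent-B image")   # constructed sample agent
    blob = seal(agent_a, [], b"key material")
    print(unseal(agent_a, blob))                # agent A gets its secret back
    try:
        unseal(agent_b, blob)                   # agent B is not in the policy
    except PermissionError as e:
        print("denied:", e)
    quote = attest(agent_a, b"config-v1", b"verifier-nonce")
    print(verify_attestation(quote, b"verifier-nonce", agent_a))
```

The challenge in the quote is what gives a remote verifier freshness: without it, a captured quote could be replayed. The seal policy is authenticated together with the ciphertext, which is what stops an untrusted program from simply adding its own identity to the list before asking the nexus to unseal.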
Strong process isolation provides a trusted space by carving out a secure area (the RHS). Operations that run on the RHS are protected and isolated from the LHS, which makes them significantly more secure from attack.
NGSCB also provides secure input and output. With NGSCB, keystrokes are encrypted before they can be read by software and decrypted once they reach the RHS. This means that malicious software cannot be used to record, steal or modify keystrokes. Secure output is similar. The information that appears onscreen can be presented to the user so that no one else can intercept it and read it. Taken together, these things allow a user to know with a high degree of confidence that the software in his computer is doing what it is supposed to do.
Despite the substantial trust resources available to the RHS, the LHS remains untrusted. The present invention addresses this and other deficiencies of current trustworthy computing systems.